Skip to content

Insecure cross site request handling #9

Open
Open
Insecure cross site request handling#9
Assignees
irusland
Labels
bugSomething isn't working
Milestone
Server Enhancement
@irusland

Description

@irusland
irusland
opened on Nov 23, 2020

Server always set header
Access-Control-Allow-Origin: '*' for all preflight OPTIONS requests
this approach seems insecure.

Metadata

Metadata

Assignees

Labels

bugSomething isn't working

Projects

No projects

Milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions